(57) Abstract: Disclosed are a method and a system for protecting digital data that
are capable of confining a predetermined authenticated execution program only
to input/output and execute digital data. The system according to the invention
includes first storage means for receiving and storing data, access control means for
storing identification information about a data execution program, determination
means connected to the access control means for determining whether or not
the identification information about a data-requesting execution program has been
recorded in the access control means if the data-requesting execution program requests
a data file, and transmission means connected to the first storage means and
the determination means for transmitting the data to the data-requesting execution
program from the first storage means so as to be executed upon receipt of a
determination signal that the identification information about the execution program
has been recorded from the determination



WO 02/103536 A1



(84) Designated States (regional): ARIPO patent (GH, GM, 
KE, LS, MW, MZ, SD, SL, SZ, TZ, UG, ZM, ZW), 
Eurasian patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM),
European patent (AT, BE, CH, CY, DE, DK, ES, FI, FR, 
GB, GR, IE, IT, LU, MC, NL, PT, SE, TR), OAPI patent 
(BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, ML, MR, 
NE, SN, TD, TG). 



Published: 

— with international search report 

For two-letter codes and other abbreviations, refer to the "Guidance Notes
on Codes and Abbreviations" appearing at the beginning of each regular issue
of the PCT Gazette.



WO 02/103536 



PCT/KR02/01157 



SECURITY SYSTEM FOR SECURING EXCHANGE AND EXECUTION
OF DIGITAL DATA

Technical Field

The present invention is related to a computer system using digital data 
supplied on-line or off-line and a method as well as a program medium therefore, and 
in particular, a digital data protection technology for preventing duplication, distribution 
or use of digital data by unauthorized users while providing user convenience. 

Background Art 

These days, digital contents data are commonly distributed on-line, such as over
the Internet. The digital contents refer to the concept of encompassing all information
required in markets or by consumers, such as market search data, on-line education 
contents, economically useful database, etc. in addition to the conventional literary 
works, pictures, cinema, music and games. 

Such digital contents are generally created or developed with much effort.
The authors wish to protect their own works on-line as well as off-line. However, it is a
reality that the existing copyright laws or other systems fail to protect the authors'
copyrights to a full extent due to the unlimited duplication and distribution of the works
that are a nature of on-line.

Recently, digital contents protection technologies are actively being
developed to control particular acts of the contents users by using technical methods in
addition to the legal measures for the purpose of blocking duplication, distribution and
diverse acts that are not available off-line as well as of protecting profits of the authors.
An example is that only the users authenticated through password, etc. can download
and use particular digital data.

Use of the digital contents requires a more complicated technique of security 
these days. To be specific, unauthorized use is not done from the beginning. The user 
can first download the digital contents upon payment of the fee, and then store the 
digital contents in a storage device such as hard disk without authorization. In the
secondary act of duplicating or distributing the stored file, the user infringes the
copyright of the author. Here, a complicated situation occurs such that control should
be discerned against the legitimate use in the user's primary act and the illegal use in
his/her secondary act.

The measure conceived to resolve such problem is a streaming method.
According to the streaming

as hard disk. Rather, data are stored in the RAM memory of a computer system in a
frame or a data block unit when the data are downloaded in real time so as to be used in
a moment. Once a frame is completely downloaded, all the data of the frame are
deleted. However, this method poses a problem of user inconvenience due to the
communication velocity or other compression, e.g., failure to smoothly stream the
screen and frequent data congestion in case of an active visual image.

Under the circumstances, it is mandatory to invent a method of allowing a 
user to download and execute an entire data file while blocking the user from storing 
and using the file without authorization.

A suggestion has been made to meet such need by encrypting and distributing 
an entire data file. To be specific, an encrypted data file can be decrypted by an 
authenticated key only. Thus, a data file per se cannot be executed by an authorized
execution program without a key. This method is one of the most popular methods
these days. 

However, this method also has a drawback as briefly explained herein below
with reference to FIG 1. The most fundamental problem is that, in order to load
contents data on an execution program (120), it is necessary to decrypt an entire
encrypted data file (100) with a key (130) in

a storage device. At this stage, if a user copies or transmits the decrypted data to outside
(140), the encryption fails to perform its original function and becomes void. Because
of this problem, suppliers or contents manufacturers become resistant to trust
consumers, and contents data distribution is restricted.

Digital rights management (DRM), which is a technology of preventing 
illegal duplication of digital contents, recently draws more attention from the public and 
is considered as a sole substitute for the above problem at present.

In general, the DRM refers to a series of hardware and software services and
technologies for confining use of digital contents to authenticated users only. The
major theme and technologies of the DRM are contents encryption technology,
watermarking technology for indicating copyrights, technology of usage policy
expression for indicating contents use rules and copyrights as well as technology of
storing and processing contents use specification and changing information, etc.

Of the above functions of the DRM, the encryption technology is to prevent
unauthorized duplication of the secondary act as stated above by designing a contents
data execution program to house a DRM controller, which is the only device to decrypt
the encrypted contents data that have been distributed and used. FIG 2 is a schematic
diagram illustrating this DRM technology. While decryption is critical to execute the
encrypted contents data, unlike the conventional method, a DRM controller (220) is
housed within or linked to the execution program. Therefore, decrypted data need not
be stored outside of this area but are transmitted to the execution program (210), which
is housed or co-exists therein. Thus, unauthorized users are not allowed to access the
decrypted contents that are processed within this area. As a consequence, the users
cannot duplicate or distribute the contents without authorization.

The problem of this technology is that the methods of encryption and 
decryption can be infinitely diversified depending on a company developing the DRM 
controller. Further, since the contents data to be executed by a single execution 
program would be the data decrypted by a variety of DRM, this execution program is 
supposed to house all the variety of DRM controllers. This is impractical in reality. 
Thus, the suggested method is not only a temporary measure but also another obstacle 
in distributing the contents. 

Disclosure of Invention 

It is, therefore, an object of the present invention to provide a method and a
system for protecting digital data, that are capable of safely inputting/outputting and
executing digital data.

It is another object of the present invention to provide a digital protection
method and a system therefor capable of safely transmitting digital data to an
authenticated predetermined execution program only in the course of executing digital
data.

It is still another object of the present invention to provide a file system-based 
distribution protection system of digital contents data that enables an execution
program to control execution of the digital data regardless of an encryption method of a
DRM controller. 

It is still another object of the present invention to provide a system and a
method for protecting decrypted contents data from unauthorized duplication or
distribution while processing digital data supplied in streaming method as well as a
program storage medium that realized the system and the method in the form of
software.

It is still another object of the present invention to provide digital contents data
distribution system, which is convenient for a user and relatively safe for a copyright
holder of the contents.

To achieve the above objects, there is provided a security system for execution
of digital data according to the present invention, comprising: first storage means for
receiving and storing digital data; access control means for storing identification
information about a digital data execution program; determination means connected to
the access control means for determining whether or not the identification information
about a data-requesting execution program has been recorded in the access control
means if the data-requesting execution program calls for a digital data file; and
transmission means connected to the first storage means and the determination means
for transmitting the digital data to the data-requesting execution program from the first
storage means so as to be executed upon receipt of a determination signal that the
identification information about the execution program has been recorded from the
determination means.

The security system according to the present invention may further comprise 
encryption means connected to an input terminal of the first storage means for
encrypting the digital data and transmitting

The security system according to the present invention may further comprise 
first decryption means for decrypting the digital data and transmitting the same to the 
transmission means if the digital data has been stored in the first storage means in an 
encrypted form. 

The security system according to the present invention may further comprise 
validity determination means connected to the access control means and including 
predetermined validity conditions preset in association with the digital data for 
determining whether or not a command for execution of the digital data satisfies the
validity conditions upon receipt of the command for execution of the digital data, and
transmitting to the access control means the identification information about the digital
data execution program so as to be stored only when the command for execution is
determined to be valid.

The digital data may be encrypted using a one-time key. In other words, the
security system for executing digital data includes filtering means, which comprises
identification information about a predetermined execution program for enabling the
predetermined execution program to execute the digital data, and comparing the
identification information about the predetermined execution program with the
identification information about a data-requesting execution program, if the
data-requesting execution program calls

data may be executed with respect to the call only when the two kinds of identification
information accord with each other.

The present invention also provides a method of allowing only a
predetermined execution program to execute digital data. The method according to the
present invention comprises the steps of storing digital data; securing identification
information about a predetermined execution program; securing identification
information about a data-requesting execution program if the data-requesting execution
program calls for the digital data for the purpose of execution; comparing the
identification information about the predetermined execution program with the
identification information about the data-requesting execution program; and filtering so
that the digital data can be executed in response to the call by the data-requesting
execution program only when the identification information about the predetermined
execution program accords with the identification information about the
data-requesting execution program.

The streaming data protection system according to the present invention 
comprises: control means for supplying information about streaming data requested for
execution, and identification information about an execution program capable of 
executing the streaming data; access control means for storing the supplied 
identification information about the execution program; filtering means connected to 
the access control means for determining whether or not the identification information 
about a data-requesting execution program has been stored in the access control means 
if the data-requesting execution program requests execution of the streaming data, and 
in the affirmative, passing the request for execution; and streaming data supply means 
for requesting streaming data based on the supplied streaming data information upon 
receipt of the request for streaming data passed through the filtering means, and 
supplying the streaming data to the execution program that requested the streaming 
data upon receipt of the requested streaming data. 






Brief Description of Drawings 

The above objects, features and advantages of the present invention will 
become more apparent from the following detailed description when taken in
conjunction with the accompanying drawings, in which: 

FIG 1 is a block schematic diagram illustrating the conventional method of
using digital data without authorization;

FIG 2 is a block schematic diagram illustrating the conventional method of 
executing a DRM controller; 

FIG 3 is a block schematic diagram illustrating a filter driver system 
according to the present invention; 

FIG 4 is a block schematic diagram illustrating a method of operating the 
filter driver system according to the present invention; 

FIG 5 is a block schematic diagram illustrating an encrypter/decrypter
according to a best mode for carrying out the present invention;

FIG 6 is a block schematic diagram illustrating a method of registering a
program that can be executed according to another best mode for carrying out the
present invention;

FIG 7 is a block schematic diagram illustrating a division of storage areas
according to another best mode for carrying out the present invention;

FIG 8 is a block schematic diagram illustrating a streaming data processing
according to another best mode for carrying out the present invention;

FIG 9 is a block schematic diagram illustrating an application to a remote
storage of streaming data according to another best mode of the present invention;

FIG 10 is a block schematic diagram illustrating a supply of streaming data
information to external streaming data supply means according to another best mode
for carrying out the present invention; and

FIG 11 is a block schematic diagram illustrating streaming data buffering
means according to another best mode for carrying out the present invention.

Best Modes for Carrying out the Invention 

Best modes for carrying out the present invention will now be described with 
reference to the accompanying drawings. In the following description, same drawing 
reference numerals are used for the same elements even in different drawings. The
matters defined in the description are nothing but the ones provided to assist in a
comprehensive understanding of the invention. Thus, it is apparent that the present
invention can be carried out without those defined matters. Also, well-known
functions or constructions are not described in detail since they would obscure the 
invention in unnecessary detail. 

FIG 3 is a block schematic diagram illustrating a client system, in which a
filter driver system according to the present invention has been realized.

The filter system in FIG 3 comprises a filter driver controller 300 for
controlling a filter driver 330 so as to generate a particular area 320 in a storage device
310 of a client system and allow a predetermined execution program only to access the
particular area 320, and a filter driver

predetermined execution program only as being valid while controlling input/output of
all the data in the particular area 320.

The following is a detailed description of its operational mechanism. A filter
driver controller 300 commands that a particular storage area 320 is distinctively
generated within a storage device 310 of a client system (step S1). Identification
information for identifying the particular storage area 320 is notified to a filter driver
330 (S2). Generation of the particular area may be directly performed as stated above
or may take an indirect form of commanding the filter driver 330 (S3) to generate the
particular storage area (S4) and to report information about the particular storage area
320 generated by the filter driver 330 to the filter driver controller 300 (S5).

As a next step, the filter driver controller 300 notifies identification
information about a selected or predetermined execution program to the filter driver
330 so as to be registered therein (S6). The registered data 340 perform a role of a kind
of access control list. An execution program is determined by this list so that data
within the particular storage area c^

FIG 3 exemplifies cases of registering B.exe as a writable execution program
in the particular storage area A 320 and C.exe as a readable execution program, and
D.exe as a writable/readable execution program. Also, E.exe is an execution program
not registered in the filter driver as for example. In that case, if a data file 'abc.txt' is
stored in the storage area A 320, this data file is writable by B.exe or D.exe, and could
be called and readable by C.exe and D.exe only. Thus, unauthorized execution
programs cannot read or store the data. Access to the data itself is blocked against
E.exe, for example, which is a program not authorized or registered to read or write
into the data.

Such characteristics of the present invention are powerful measures of solving
problems of the conventional method of protecting digital contents or of the DRM
controller. To be specific, the conventional system had no remedy for blocking a user's
leakage or storage of the contents data stored in a memory in a decrypted form even in
a short period of time prior to being executed by an execution program. Further, in the
method of housing a DRM controller and an execution program to avoid such
occasion, the DRM controller and the execution program should be in a pair. As
mentioned beforehand, however, variety kinds of both the DRM controller and the
execution programs pose a problem of limitless combination of pairs.

All these problems have been solved by the present invention at once. The
present invention prevents calling and storing the decrypted contents data prior to
executing without authorization. Since only a registered execution program is allowed
to access and execute the digital data while the registered program is not

distribute the data as previously registered, a consumer or an end user becomes unable
to perform any acts other than accessing or executing the data with the execution
program. For instance, in FIG 3, if the read-only execution program C.exe is registered,
a consumer's unauthorized acts such as copying or redistributing are fundamentally
blocked. Moreover, the consumer cannot arbitrarily manipulate what kind of an
execution program shall be registered. The manipulation is determined by the filter
driver controller according to the present invention.

The construction of FIG 3 is not subject to a particular DRM controller.
Therefore, no problem arises such that an execution program should house all kinds of
DRM controllers, as mentioned with respect to the conventional DRM controller.

The following is a description of a best mode for carrying out the present
invention in association with the conventional DRM controller.

In the present invention, the DRM controller performs a function of
encrypting digital data inputted to a client system to be inherent to the domain where
the DRM controller belongs. Otherwise, if there exists any extension of the
downloaded digital contents, any contents use information transmitted in addition to
the corresponding contents data, or any usage policy, the DRM controller commands
an operating system to execute a corresponding execution program based thereon. The
DRM controller also performs a function of receiving identification information
supplied for the corresponding execution program so as to be transmitted to the filter
driver of a subordinate file system.

However, the DRM controller does not necessarily perform the
aforementioned functions, which may be performed by a module of the operating
system per se or by other methods. Thus, it would be obvious for those skilled in the
art that the best mode described herein is merely to assist in better
present invention and that the present invention need not necessarily be used together
with the DRM controller.

The identification information or a fingerprint of the execution program
referred to in the present invention does not only refer to the identifier supplied by an
operating system but also may be a code authentication certificate or an execution
image, etc. of a predetermined execution program. In short, the identification
information about an execution program is a concept of encompassing all the
information that can distinguish an application program or an execution program from
other applications. In addition, the execution program referred to in the present
invention encompasses all the execution programs that are capable of executing digital
contents data.

The contents usage policy data transmitted together with the contents data
includes all the information that can effectively use the contents. The use information
may be determined by an agreement concluded between a user and a contents provider
such that the corresponding contents is available three times only or for one week from
the downloaded date for example. The usage policy data may be downloaded together
with the contents data or may be renewed by frequently downloading them from a
server, etc. of the contents provider.

FIG 4 shows an application of the filter driver system according to the present
invention to a DRM controller in general. Referring to FIG 4, the contents data abc.txt
as requested from a client system is inputted to an in^

through network such as Internet or by means of a storage medium such as CD-ROM,
etc. (S2). The contents data are encrypted by means of a DRM controller 440 in an
original encryption method inherent to the domain where the DRM controller belongs.
The encrypted data are stored in a storage device 450 of the client system (S3). The
data are decrypted later by the DRM controller. The encryption and decryption
techniques of the DRM controller are variable depending on the DRM controller
supplier, and are well known to those skilled in the art.

Meanwhile, the filter driver controller 400 generates a particular storage area A 
420 within a storage device 410 in advance or in each execution. 

In order to execute the stored contents data abc.txt in a predetermined
execution program B.exe, the consumer should select the corresponding contents by
means of a browser or by other means in his/her own client system. If a signal that the
contents has been selected is inputted to the DRM controller 440, the DRM controller
first checks the usage policy data that is owned by himself/herself or receivable from a
remote server so as to determine whether or not this selection and execution is effective.

As described above, this usage policy is to check whether or not the
corresponding contents are available. For instance, if the user is allowed to use the
contents three times only, the validity can be checked by means of a counter and a
comparator housed therein because the number of use is counted and stored. If the user
is allowed to use the contents for several days, the validity can be checked by means of
a system clock. Such checking conducted within the client system only may be
particularly referred to as a local authentication. Another authenticating method other
than the local authentication is to have the DRM controller, which has recognized an
execution command, be automatically connected to an authentication server (not
shown in the drawing) of the contents provider so that a validity can be checked and
authentication can be obtained therefrom. This case is designed that the DRM
controller does not have a usage policy and authentication is obtained from the server
from the beginning. This is referred to as a remote authentication according to the
present invention. It goes without saying that, in case of the local authentication as well, a
new usage policy may be downloaded and used by connecting to a server if the usage
policy has been renewed and the allowable number of use of the contents has been
changed.
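The local authentication described above, sketched as an added example that is not part of the patent text: a use counter with a comparator, an expiry checked against the system clock, and adoption of a renewed policy. The class and field names are illustrative, and the clock-rollback refusal is an addition beyond what the description states, included because a check that trusts the system clock needs it.

```python
from dataclasses import dataclass
from typing import Optional

DAY = 86_400  # seconds


@dataclass
class UsagePolicy:
    """Usage policy for one contents item (field names are illustrative)."""
    max_uses: Optional[int] = None      # e.g. 3 for "three times only"
    expires_at: Optional[float] = None  # epoch seconds, e.g. download date + 7 days
    version: int = 1                    # raised by the provider on renewal


class FakeClock:
    """Stand-in for the system clock so the example runs deterministically."""
    def __init__(self, t):
        self.t = t

    def __call__(self):
        return self.t


class LocalAuthenticator:
    def __init__(self, policy, clock):
        self.policy = policy
        self.clock = clock
        self.uses = 0                 # the counter
        self.last_seen = clock()      # highest clock value observed so far

    def renew(self, new_policy):
        """Adopt a renewed policy from the server; the use counter is kept."""
        if new_policy.version > self.policy.version:
            self.policy = new_policy
            return True
        return False

    def authorize(self):
        """Return (allowed, reason) for one execution command."""
        now = self.clock()
        if now < self.last_seen:
            # Not in the patent text: refuse when the clock has moved backwards.
            return (False, "clock-rollback")
        self.last_seen = now
        p = self.policy
        if p.expires_at is not None and now >= p.expires_at:
            return (False, "expired")
        if p.max_uses is not None and self.uses >= p.max_uses:   # the comparator
            return (False, "use-limit")
        self.uses += 1
        return (True, "ok")


def demo():
    clock = FakeClock(1_000_000.0)  # constructed start time
    week = clock.t + 7 * DAY
    auth = LocalAuthenticator(UsagePolicy(max_uses=3, expires_at=week), clock)
    out = [auth.authorize()[1] for _ in range(4)]    # three uses, then refusal
    auth.renew(UsagePolicy(max_uses=5, expires_at=week, version=2))
    out.append(auth.authorize()[1])                  # renewed limit allows a 4th use
    clock.t -= DAY
    out.append(auth.authorize()[1])                  # clock set back one day
    clock.t += 9 * DAY
    out.append(auth.authorize()[1])                  # past the one-week window
    return out
```
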

If the request command by the user is determined to be valid, the contents data
stored in the storage device 450 are called (S4) and decrypted by the DRM controller
440. Subsequently the decrypted data are stored in the particular storage area A 420
via filter driver 430 (S5).

If notified from the DRM controller 440 that the contents data abc.txt are to be
used or executed (S6), the filter driver controller 400 registers identification information
about an execution program, for example, B.exe authorized to execute the contents
data in a list 470 in the filter driver 430 of the file system (S7).

The filter driver 430 of the file system is a module which controls
input/output of all the data with respect to the particular storage area A 420. Here, the
filter driver refers to an interface between the particular storage area and the execution
program, which blocks an access to the digital contents data file of an unauthorized
execution program by filtering all the file-related system calls. Further, since data are
transmitted between the execution program and the filter driver in the decrypted form,
no invasion should be made between the two. Therefore, the filter driver always
checks the communication path so as to prevent interruption of its own act by any
module, file or command between itself and the execution program authorized from a
module within the filter driver that is transmitting the decrypted data. If any module or
file is found to interrupt its own act, the filter driver also clears the communication path
by advancing itself toward the execution program. Also, if any invasion is found, the
filter driver automatically reports or removes the invasion.

In general, the aforementioned functions can be realized by means of a
function pointer within the filter driver. If an immediately earlier filter driver exists
when registering the filter driver, the system provides the newly registered filter driver
with an address of the earlier filter driver. By using such nature of the filter driver, a test
filter driver is registered at a front end thereof toward an execution program of the filter
driver according to the present invention either periodically or immediately prior to
transmitting the decrypted data to the execution program in preparation for the
occasion where an unidentified command or filter driver has invaded the front end
toward the filter driver according to the present invention, and checks an address
provided for the test filter driver. If this address is the filter driver according to the
present invention, only the test filter driver exists at the front end of the execution
program according to the present invention. Otherwise, it means that an invaded filter
driver exists because the address would be of the invaded filter driver. In that case, the filter
driver registered previously according to the present invention should be cancelled and
registered again. If newly registered, the filter driver according to the present invention
is located at the most advanced position toward the execution program.
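The test-filter check described above, modelled as an added example that is not part of the patent text. The `FilterStack` class is a toy stand-in for the operating system's filter chain, and the driver names are constructed; only the rule that a newly registered filter receives the address of the filter previously at the front is taken from the description.

```python
class FilterStack:
    """Toy model of the filter chain on storage area A.
    The last element is the front end, i.e. nearest the execution program."""

    def __init__(self):
        self._chain = []

    def register(self, name):
        """Attach at the front end and return the 'address' of the driver
        that was at the front before (None if the chain was empty)."""
        below = self._chain[-1] if self._chain else None
        self._chain.append(name)
        return below

    def unregister(self, name):
        self._chain.remove(name)

    def chain(self):
        return list(self._chain)


def probe_front(stack, probe="test-filter"):
    """Register a short-lived test filter and report what sat directly behind it."""
    below = stack.register(probe)
    stack.unregister(probe)
    return below


def secure_front(stack, ours):
    """Make `ours` the front-most filter.
    Returns the name of an interposed driver, or None if the path was clear
    (or the chain was empty and `ours` simply had to be registered)."""
    found = probe_front(stack)
    if found == ours:
        return None
    if ours in stack.chain():
        stack.unregister(ours)     # cancel the earlier registration
    stack.register(ours)           # register again: now at the most advanced position
    return found


def release(stack, ours, data, report):
    """Hand decrypted data toward the execution program only over a clear path."""
    intruder = secure_front(stack, ours)
    if intruder is not None:
        report.append(intruder)    # "automatically reports" the invasion
    if probe_front(stack) != ours: # confirm before anything leaves the driver
        return None
    return data


def demo():
    stack, report = FilterStack(), []
    stack.register("protect-filter")             # constructed driver name
    first = release(stack, "protect-filter", b"frame-1", report)
    stack.register("unknown-filter")             # something attaches in front
    second = release(stack, "protect-filter", b"frame-2", report)
    return first, second, report, stack.chain()
```

Re-registration leaves the unknown filter in the chain but behind the protected driver, so the decrypted data no longer passes through it.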

Otherwise, it is possible to perform an encryption so that the call is directly
made from the test filter driver to
A variety of other methods may be used in addition. The reason for performing such
functions is to enable the file system filter driver 430 according to the present invention
to freely control the input/output of all the data to and from the storage area A 420.

Thereafter, if an execution request for the contents data abc.txt by a
predetermined execution program, e.g., B.exe, is made (S8), the request always passes
through the file system filter driver 430. In that case, the file system filter driver checks
whether or not B.exe is an execution program registered by the filter driver controller.
Upon recognition of a registered execution program by means of the registration list
470 therein, the file system filter driver 430 calls and loads abc.txt in response so
that B.exe may execute abc.txt (S9).

By contrast, if unregistered C.exe calls abc.txt, the file system filter driver 430
fails to find C.exe from the list 470, and terminates the process after notifying an error
message or an unauthorized use with respect to the request (S10). Attention needs to
be paid to the function of the present invention of controlling an access for the purpose
of an unauthorized use of the contents data stored in the decrypted form while
operating independently from a particular DRM controller.

FIG 5 shows the system according to another best mode for carrying out the
present invention.
No functional explanation will be provided for the elements in FIG 5 that are
identified by the same reference numerals as in FIG 4 since they perform the same or
similar functions. The difference of FIG 4 from FIG 5 lies in that an
encrypter/decrypter (500) is added. In other words, the contents data are stored in the
storage area A 420 of the lower filter driver 430 of the file system in an encrypted form
(S11), while when the effective execution program is called and executed, contents
data are transmitted in a decrypted form (S12). The key capable of reading the
encrypted data should always be stored inside of the filter driver 430 of the file system
according to the present invention.

The reason for storing the contents data in an encrypted form and storing the
key at the file system filter driver is to prevent an unauthorized user from arbitrarily
removing the file system filter driver and incapacitating the system according to the
present invention. That is, if the filter driver 420 of the file system is removed, the
stored key for decryption is also removed. Therefore, even if an unauthorized user
may access the storage area A by removing the filter driver, the user will be unable to
decrypt the encrypted data stored within the filter driver.

Here, an encryption technique called one-time key well known to those skilled
in the art may be used for the encryption. Encryption and decryption keys are variable
in each use in case of the one-time key encryption. Thus, an unauthorized user is
unable to know the encryption and decryption keys based on his/her previous use of
the same. Before or after undergoing the step (S12), the encrypter/decrypter encrypts
and stores the abc.txt in preparation for future use.

FIG 6 illustrates another best mode for carrying out the present invention. No
functional explanation will be provided for the elements in FIG 6 that are identified by
the same reference numerals as in FIG 4 since they perform the same functions. FIG 6
shows a method for registering the contents data and their execution program on an
access control list 470. For instance, each of the contents data is matched with an
execution program in the storage area A, and registered on the list 470. In FIG 6,
the abc.txt file is executable by B.exe, while the elg.txt file is executable by C.exe (S13).
Accordingly, the construction in FIG 6 is useful for the case where there exists a
separate usage policy according to each contents data file.

FIG 7 shows another best mode for carrying out the present invention. No
functional explanation will be provided for the elements in FIG 7 that are identified by
the same reference numerals as in FIG 4 since they perform the same functions.

In FIG 7, two storage areas A, B are separately installed. The access control
list 470 shows separate registrations of execution programs accessible to each storage
area. This case shows a more efficient use of the contents data according to the usage
policy by allowing separate storage and use of the contents data according to different
usage policies. In this case, C.exe can execute the data in the storage area B 490 alone
(S14).
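The access check of FIGs 4, 6 and 7 combined with the key handling of FIG 5, as an added user-space Python model; it is not code from the patent. Assumptions: a program is identified by a plain name string, XOR with a fresh random pad stands in for the cipher the text leaves unspecified, and `movie.dat` is a hypothetical file name.

```python
import secrets


class AccessDenied(Exception):
    """Raised when a requesting program is not on the access control list."""


class FilterDriver:
    """User-space model of the file system filter driver 430 (not kernel code)."""

    def __init__(self, storage):
        self.storage = storage   # raw storage areas: (area, name) -> ciphertext
        self._acl = {}           # list 470: (area, name or None) -> program ids
        self._keys = {}          # decryption keys live only inside the filter

    def register(self, program, area, name=None):
        """Controller call: allow `program` for one file, or a whole area if name is None."""
        self._acl.setdefault((area, name), set()).add(program)

    def _registered(self, program, area, name):
        per_file = self._acl.get((area, name), set())   # FIG 6 style entry
        per_area = self._acl.get((area, None), set())   # FIG 7 style entry
        return program in per_file or program in per_area

    @staticmethod
    def _xor(data, key):
        # Stand-in cipher (assumption): XOR with a random pad as long as the data.
        return bytes(d ^ k for d, k in zip(data, key))

    def store(self, area, name, plaintext):
        """S11: encrypt under a fresh key before anything reaches storage."""
        key = secrets.token_bytes(len(plaintext))
        self._keys[(area, name)] = key
        self.storage[(area, name)] = self._xor(plaintext, key)

    def read(self, program, area, name):
        """S8 to S10 and S12: check the list, then decrypt and re-key."""
        if not self._registered(program, area, name):
            raise AccessDenied(f"{program} is not registered for {area}:{name}")
        plaintext = self._xor(self.storage[(area, name)], self._keys[(area, name)])
        self.store(area, name, plaintext)   # one-time key: new key for the next use
        return plaintext


def demo():
    """Constructed scenario using the file and program names of FIGs 4 to 7."""
    disk = {}
    drv = FilterDriver(disk)
    drv.store("A", "abc.txt", b"contents of abc.txt")
    drv.store("A", "elg.txt", b"contents of elg.txt")
    drv.store("B", "movie.dat", b"contents in area B")   # hypothetical file
    drv.register("B.exe", "A", "abc.txt")   # FIG 6: per-file registration
    drv.register("C.exe", "A", "elg.txt")
    drv.register("C.exe", "B")              # FIG 7: per-area registration

    results = {}
    before = disk[("A", "abc.txt")]
    results["B_reads_abc"] = drv.read("B.exe", "A", "abc.txt")
    results["rekeyed"] = disk[("A", "abc.txt")] != before
    try:
        drv.read("C.exe", "A", "abc.txt")
        results["C_reads_abc"] = True
    except AccessDenied:
        results["C_reads_abc"] = False
    results["C_reads_area_B"] = drv.read("C.exe", "B", "movie.dat")
    del drv   # filter removed: the keys go with it, only ciphertext is left
    results["raw_is_plaintext"] = disk[("A", "abc.txt")] == b"contents of abc.txt"
    return results


if __name__ == "__main__":
    for label, value in demo().items():
        print(label, value)
```

The model enforces the list only for requests that go through `read`; the encrypted storage is what limits a caller that reaches the raw area after the filter has been removed.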

Another advantage of the present invention is that a similar method is
applicable to processing of streaming data with the same effect. FIG 8 is a schematic
diagram illustrating a construction of a streamir^
a best mode for carrying out the present invention. The best mode in FIG 8
exemplifies decryption and execution of the contents data locally encrypted and stored
in a client system, e.g., in a user's rc^ The construction in FIG
8 comprises filtering means 820 for controlling input and output of all data within a file
system area 900 at the top of the file system 900 and determining validity of the
commands for data execution, an authorized execution program 830 for executing a
data file, an unauthorized program 840, which is unable to execute a data file due to no
registration in the filtering means 820, a file system area 900 controlled by the filtering
means 820 within a client system in storing and outputting the data, streaming data
supply means 850 within the file system for requesting streaming data from outside within
the file system area 900 and allowing the streaming data to pass the filtering means 820
and be transmitted to the authorized execution program 830, external streaming data
supply means 860 of the file system for receiving encrypted contents data from storage
means 870 and decrypting the same as well as for supplying the decrypted data in
response to the request for data from the internal streaming data supply means 850, and
a controller 810 for registering a predetermined execution program in the filtering
means 820 as an access control list and providing a data file to be executed and
information about the external streaming data supply means 860.

In the first place, a user desiring to execute contents data selected
file to be executed by means of a searching tool or an Internet browser (not shown in
the drawing). If a command for executing the contents data file is received, the
controller 810 checks the usage policy to confirm whether or not the command for
execution is valid. The usage policy means a policy used to determine whether or not
the command for execution is a valid act based on the prior agreement concluded
between the contents data user and the contents data supplier. For instance, if a user's ID
is received, the controller 810 recognizes the user based on the received ID, and
determines whether or not the corresponding user has been authorized to use the
contents data based on the usage policy. Such usage policy is checked either through
real-time communication between the server of the data supplier and the controller 810
on line or through notification to the controller 810 by a module housed in the user's
client system. However, the controller 810 does not necessarily perform this function.
The controller 810 may receive information about validity conditions from another
module or a network so as to proceed with the next step.

If the command for execution is determined to be valid based on the usage
policy, the controller 810 selects an authorized execution program 830, and registers
the identifying information about the execution program such as its process ID, etc. in
the filtering means 820 (S1). FIG 8 is a schematic diagram sto
authorized execution program A.exe 830 in the filtering means 820 as an execution
program of C.avi. This informatics
the file system area 900 in the future so as to determine that the command for calling
the registered authorized execution program 830 only is valid. Details in this respect
are either identical or similar to the description in the aforementioned Korean Patent
Application No. 10-2001-0034583.

Before or after taking the step (S1), the controller 810 registers the
identification infOT
of the data to locate the position thereof and the information about the external
streaming data supply means for supplying the streaming data from outside of the file
system in the file system area 900 (S1'). Examples of registration in the file system
area include any cases such as registration within the internal streaming data supply
means 850 or registration in a third module (not shown in the drawing) located within
the file system area 900 and capable of supplying the above information by being
connected to the filtering means 820 and the internal streaming data supply means 850,
etc.

Of all the information to be registered, the information about the external
streaming data supply means 860 refers to the information as to which external
streaming data supply means should be used. When the internal streaming data supply
means 850 requests the data, the information about the external streaming data supply
means 860 should be supplied to the internal streaming data supply means because the
internal streaming data supply means should know where the external streaming data
supply means is located and which data are requested. FIG 8 exemplifies a case of
assuming that the external streaming data supply means is C:\B.exe, registering the
assumed external streaming data supply means, and notifying such fact to the internal
streaming data supply means 850. In this case, the internal streaming data supply
means 850 executes the program B.exe in the storage area C of the client system where
it is located, and cxmma^ Here, "external" means out of
the particular area 900, where input/output of the data are not controlled by the filtering
means 820, while "internal" means the particular area 900, in which input/output of the
data are restricted and controlled by the filtering means 820.

A concept of URL may also be included in the information about the external
streaming data supply means. For instance, the command www.rn.com/B.exe
signifies that the internal streaming data supply means 850 should access the site
www.rn.com through an Internal connection tool (not shown in the drawing) and
transmit the streaming data by means of B.exe existing in that area. Other external
streaming data supply means would be dynamic link library (DLL), etc. that will be
described later in further detail.

The information to be registered in the internal streaming data supply means
900 should include the information about the contents data to be executed. Such
information is used to notify to the external streaming data supply means 960 which
data the internal streaming data supply means (950) requests. Name of the file and its
path may be included in that information. FIG 8 exemplifies a case of supplying
"C:\work\C.avi" as information about the contents data stored in the folder "work" of
the storage area "C" in the client system.

When the information about the contents data is supplied, the information
about the authorized execution program 830 registered in the filtering means 820
should be supplied in a matched st^ The
information about the authorized execution program 830 may be
supplied either through registration in the filtering means as a batch process (S1) or in a
separate method (S1'). The reason for matching the information about the authorized
execution program 830 with the information about the contents data is that the
internal streaming data supply means 850 is able to discern which data should be
supplied in response to the call from the authorized execution program 830 through the
matched information.

As described above, the internal streaming data supply means 850 performs
the function of requesting the external streaming data supply means 860 for particular
contents data within the file system area 900 (S3), and receiving the data transmitted in
response thereto (S6), and transmitting the data to the predetermined authorized
execution program 830 through the filtering means 820 (S7) so that the contents data
can be executed. Accordingly, the internal streaming data supply means 850 should
have prior knowledge as to which external streaming data supply means to
communicate with, as well as the information about the requesting contents data. Such
knowledge is supplied in advance by the controller 810 in the step (S1'), as described
above.

The contents data stored in the storage means 870 are encrypted by a particular
DRM method. Encryption/decryption by DRM methods is a technique well known to
those skilled in the art. Each DRM method adopts its original method of encryption or
decryption. Therefore, the data encrypted in a particular DRM method cannot be
decrypted by a DRM decrypt The data C.avi in FIG 8 was
encrypted by an encrypter of a particular DRM method. Thus, the data can be
decrypted by a DRM decrypter of the same method. According to the present
invention, the external streaming data supply means 860 performs a decryption
function and a mediating function. Therefore, the controller 810 should select the
streaming data supply means having the same decryption method as the pre-defined
encryption method for the contents data and assign it as the external streaming data
supply means, and notify it to the internal streaming data supply means 850.

The external streaming data supply means B.exe 860 requested to transmit
data by the internal streaming data supply means searches an area 870 storing the
contents data by using the information about the contents data supplied from the
internal streaming data supply means 850, and receives the contents data from the
searched area.

The external streaming data supply means 860 decrypts the received contents
data in the aforementioned method, and transmits the same to the internal streaming
data supply means 850. Upon receipt, the internal streaming data supply means 850
discerns which execution program has called the received contents data, and transmits
the contents data to the authorized execution program 830 through the filtering means
820. The authorized execution program 830 executes a predetermined amount of
received streaming data, thereby completing the call and execution of the contents data.
The contents data here are streaming data as a part of the entire contents data
file. The authorized execution program 830 or the internal streaming data supply
means 850 determines an amount of data to be requested at once, and requests!^
in a method as described above so as to be executed by the authorized execution
program.

In FIG 8, if an unauthorized execution program D.exe 840 calls for a data file
to execute the contents data (S8), such call is determined to be invalid by the filtering
means because D.exe was not registered in the filtering means 820 in advance.
Therefore, error messages appear, and the call for the contents data is not executed.

The system in FIG 8 is characterized by a streaming-type execution of data.
That is, decrypted data are stored in a file system area controlled by particular filtering
means, and a predetermined exec^^
unauthorized duplication and distribution of the data by a user.

FIG 9 exemplifies another best mode for carrying out the present invention.
The external streaming data supply means or the contents data storage means are
located outside of the client system but linked thereto through network.

In FIG 9, the external streaming data supply means is wwwJknetyB.exe . The
location of the data on the network is www.enet/favi . If the data are inputted into the
file system area 900 by means of the controller 810, the internal streaming data supply
means 850 activates the external streaming data supply means B.exe 960, which is
located at wwwJcnet by using this information, and commands to call in the contents
data file named £avi from www.e,net Of course, it goes without saying that such a
command for an execution program or a data file located at another system through
network is executable only upon prior permission. For instance, another server system
may permit execution of such command only after checking whether or not such a
command has been promised in advance or is valid under an agreement based on a
user's ID, which has been inputted by the internal streaming data supply means 850 or
the controller 810 in advance. The modules bearing the same drawing reference
numerals as in FIG 8 perform the same functions as those of the best mode in FIG 8.

FIG 9 assumed a case that both the data and the external streaming data
supply means are located outside of the client system. However, it is also applicable to
a case that either one of the data or the external streaming data supply means is located
outside of the client system. Although FIG 9 identified outside of the system with an
Internet URL for the sake of exemplification, Intranet and other network including
peripheral storage means are also applicable to this best mode.

FIG 10 illustrates another best mode for carrying out the present invention.
FIGs. 8 and 9 exemplify an indirect method, i.e., supplying information about the
contents data within the file system area 900 and notifying the information about the
contents data to the external streaming data supply means 860 by using the internal
streaming data supply means 850. By contrast, FIG 10 exemplifies a direct method,
i.e., notifying information about the contents data to the external streaming data supply
means 860 by using the controller 810 (S1"). The external streaming data supply
means 860, which has received the information, automatically searches the contents
data, and supplies the same to the internal streaming data supply means 850. Here, the
external streaming data supply means should be an execution program that can control
its own activities.

Passively functioning modules that are controlled by the internal streaming
data supply means may also be the external streaming data supply means. DLL is an
outstanding example. In that case, execution and control of the DLL, which is external
streaming data supply means, is managed
850. Accordingly, the information about the contents data should first be supplied to
the internal streaming data supply means. Here, the external streaming data supply
means is merely a module that is controlled by the internal streaming data supply
means in inputting and transmitting the data. In other words, the external streaming
data supply means does not period
the contents data file and requests transmission of the same.

FIG 11 illustrates another best mode for carrying out the present invention.
FIG 11 shows a case of adding a buffer memory 1100 between the internal streaming
data supply means 850 and the authorized execution program 830 within the file
system 900. Description of the other modules in FIG 11 is omitted here because they
are the same as those in FIG 1.

In FIG 11, streaming data are transmitted to the
means 850 from the external streaming data supply means (not shown in the drawing)
(S6). The transmitted data are stored in a buffer memory 1100 by the internal
streaming data supply means 850 (S42). The stored data are transmitted to the
authorized execution program in response to the call from the authorized execution
program 830 (S7'). In the meantime, the successive streaming data are supplied to the
buffer memory 1100 by undergoing the same process. An advantage of this best mode
lies in a sufficient storage of data that are ready to be transmitted mresp^^
execution by the authorized execution program 830 within the buffer memory, which
is a temporary memory pool. This is in preparation for a disconnected execution of
data due to a transmission speed problem caused during execution.

In FIG 11, the authorized execution program first calls for the buffer memory
1100 to search existence of any data (S2'). If no data is searched, the authorized
execution program notifies the internal streaming data supply means 850 of such fact
to request transmission of data (S41). Subsequently, the internal streaming data supply
means communicates with the external streaming data supply means to receive data,
and fills the empty space of the buffer memory with the data. Determination for
existence of data within the buffer memory 1100 may be performed by the authorized
execution program 830 or by the buffer memory 1100 per se. Further, the request for
data by the authorized execution program (S2') may be performed on an independent
basis apart from the transmission of the data by the internal streaming data supply
means 850 to the buffer memory 1100. In other words, this method is to fill in the
buffer memory 1100 by requesting data from outside of the system without checking a
command for request of data by the authorized execution program 830 once the
internal streaming data supply means 850 senses an empty state of the buffer memory.
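The buffered streaming path of FIGs 8 and 11, as an added Python model that is not code from the patent: it shows both refill modes (on demand at S41, and independently when the buffer is sensed empty) and that an unregistered program triggers no request to the outside. Assumptions: a 4-byte chunk size, a two-slot buffer, a single-byte XOR standing in for the DRM decrypter, and a constructed 10-byte content sample.

```python
from collections import deque

CHUNK = 4  # bytes requested at once (constructed value)


class ExternalSupply:
    """Models external streaming data supply means 860: fetches and decrypts."""

    def __init__(self, encrypted, key):
        self._encrypted = encrypted   # content as held by storage means 870
        self._key = key

    def fetch(self, offset, size):
        part = self._encrypted[offset:offset + size]
        # Single-byte XOR stands in for the DRM decrypter (assumption).
        return bytes(b ^ self._key for b in part)


class InternalSupply:
    """Models internal supply means 850 with buffer memory 1100 behind filter 820."""

    def __init__(self, external, registered, slots=2):
        self._external = external
        self._registered = set(registered)   # access control list of filter 820
        self._buffer = deque()
        self._slots = slots
        self._offset = 0
        self.fetches = 0                     # how many requests went outside

    def refill(self):
        """S6/S42: top up empty buffer slots; returns the number of chunks added."""
        added = 0
        while len(self._buffer) < self._slots:
            chunk = self._external.fetch(self._offset, CHUNK)
            if not chunk:
                break                        # end of the content file
            self._offset += len(chunk)
            self._buffer.append(chunk)
            self.fetches += 1
            added += 1
        return added

    def read(self, program):
        """S2'/S7': a program asks for the next chunk; the filter check comes first."""
        if program not in self._registered:
            raise PermissionError(f"{program} is not registered in the filter")
        if not self._buffer:
            self.refill()                    # S41: buffer found empty on demand
        return self._buffer.popleft() if self._buffer else b""


def play(supply, program):
    """Pull chunks until the stream ends, as an execution program would."""
    out = bytearray()
    while True:
        chunk = supply.read(program)
        if not chunk:
            return bytes(out)
        out += chunk


def make_supply():
    """Constructed sample: 10 bytes of content, XOR-encrypted with key 0x5A."""
    plain = b"0123456789"
    encrypted = bytes(b ^ 0x5A for b in plain)
    return InternalSupply(ExternalSupply(encrypted, 0x5A), registered=["A.exe"])


if __name__ == "__main__":
    print(play(make_supply(), "A.exe"))
```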

Industrial Applicability 

The advantage of the file system filter driver and the access control list
according to the present invention will become more apparent in unauthenticated use.
When a user is to execute the contents
decrypted form. In that case, the user may attempt
own storage means or transmit the data through network.

Such problem is resolved by the system according to the present invention.
To be specific, the decrypted data are supplied to an authenticated authorized execution
program only through the file system filter driver. Moreover, the filter driver controller
is able to control the authorized execution program which has no function of storage or
transmission by itself or by disabling the authorized execution program's function of
storage or transmission on a temporary basis. For these functions, the filter driver
controller may control the authorized execution program by blocking transmission of
its commands to the driver of the storage means or to the driver of the transmission
means.

The file system filter driver determines any command from an unauthorized
execution program to execute the contents data as an invalid command based on the
access control list so as to prevent execution of the contents data. Accordingly, the user
is not able to access even the decrypted contents data with an unauthorized execution
program that has not been registered.

Thus, unlike the conventional system, the present invention enables a contents
data provider to prevent copyright infringing acts even after the contents data are
transmitted to a user.

Besides, the present invention does not require matching of an execution
program with decryption methods, unlike the conventional DRM method. Therefore,
the present invention can make use of the advantages of the conventional DRM
method while effectively reducing the load laid on the system.
According to the present invention, contents data can be used widely among
the public because the present invention drastically reduces the risk of the contents data
provider.

The execution of data by a streaming method according to the present
invention includes all the cases of executing data and call for data for the purpose of
execution, either simultaneously or in order. The contents data according to the present
invention refers to all the material data corresponding to the authorized execution
program including document files, graphic files, audio files and video files.

The module according to the present invention refers to the most basic unit of
performing each function or a complex unit of performing multiple functions of the
present invention as described above. Further, the data communication between each
module may be performed in a method of exchanging a passive role with an active
role between the modules, e.g., request for data or transmission of data, if necessary.

The data communication according to the present invention includes the
request for data and transmission of data between the related modules.

The present invention may be produced into a computer program. The 
produced program may be stored in a recording medium or transmitted by a 
transmitting medium. 

The present invention is not limited to a particular operating system but is
applicable to other versions of Windows operating system or Unix and other operating
systems. The filtering system according to the present invention is applicable between
all general execution programs and data, and not limited to the contents data only.
Therefore, while the invention has been shown and described with reference to certain
best modes for carrying out the invention, it will be understood by those skilled in the
art that various changes in form and details may be made in the present invention
without departing from the spirit and scope of the invention as defined by the appended
claims.




What Is Claimed Is:

1. A data security system for execution of data, comprising:
first storage means for receiving and storing data;
access control means for storing identification information about a
predetermined execution authorized to execute the data;

determination means connected to the access control means for determining
whether or not the identification information about a data-requesting execution
program that requests for the data has been recorded in the access control means; and

transmission means connected to the first storage means and the determination
means for transmitting the data to the data-requesting execution program from the first
storage means so as to be executed upon receipt of a determination signal that the
identification information about the data-requesting execution program has been
recorded from the determination means.

2. The data security system of Claim 1, further comprising encryption 
means connected to an input terminal of the first storage means for encrypting the data 
and transmitting the same to the first storage means. 

3. The data security system of Claim 1, wherein the determination
means comprises first decryption means for decrypting the data and transmitting the
same to the transmission means if the data has been stored in the first storage
an encrypted form.

4. The data security system of any one of Claims 1 to 3, further
comprising:

second storage means for storing encrypted data; and
second decryption means connected between the second storage means and
the first storage means for decrypting the encrypted data stored in the second storage
means and transmitting



5. The data security system of Claim 2, further comprising: 

second storage means for storing encrypted data; and 

second decryption means connected between the second storage means and 
the encryption means for decrypting the encrypted data stored in the second storage 
means and transmitting the same to the encryption means. 






6. The data security system of Claim 1, further comprising validity
determination means connected to the access control means and having predetermined
validity condition(s) preset in association with the data for determining whether or not a
command for executing the data satisfies the predetermined validity condition(s) upon
receipt of the command for executing the data, and transmitting to the access control
means the identification information about the predetermined execution program so as
to be stored only when the command for execution is determined to be valid.






7. The data security system of Claim 2 or 3, wherein the data are
encrypted by using a one-time key.

8. A data security system for execution of data, comprising filtering
means having stored identification information about a predetermined execution
program for enabling the predetermined execution program to execute data, and for
executing the data in response to a request for the data made by a data-requesting
execution program only when the stored identification information about the
predetermined execution program accords with the identification information about the
data-requesting execution program upon comparison.

9. The data security system of Claim 8, further comprising storage
means connected to the filtering means for storing the data.

10. The data security system of Claim 9, wherein the filtering means
comprises decryption means for decrypting the encrypted data and stored in the storage
means.

11. The data security system of Claim 9, wherein the filtering means
comprises encryption means for encrypting the data and transmitting the same to the
storage means when storing the data, and decrypting the data when reading the data
from the storage means.

12. The data security system of Claim 1, wherein the transmission
means is located at forefront in the direction of the data-requesting execution program.

13. The data security system of Claim 8, wherein the filtering means is
located at forefront in the direction of the data-requesting execution program.

14. A method for execution of data by a predetermined execution
program, the method comprising the steps of

storing data;

providing identification information about the predetermined execution
program;

providing identification information about a data-requesting execution
program upon a request fo

comparing the provided identification information about the predetermined
execution program with the identification information about the data-requesting
execution program; and

filtering for executing the data in response to the request only when the
identification information about the predetermined execution program accords with the
identification information about the data-requesting execution program.


15. The method of Claim 14, wherein the step of storing data comprises
encrypting and storing data.

16. The method of Claim 15, further comprising the step of decrypting
the encrypted data.

17. The method of Claim 16, wherein the step of decrypting the data is
performed when the step of filtering is performed.

18. A medium for transmitting computer-readable programs,
comprising filtering means having stored identification information about a
predetermined execution program to execute data by the predetermined execution
program only, and for executing the data in response to a request for the data made by a
data-requesting execution program only when the identification information about the
predetermined execution program accords with the identification information about the
data-requesting execution program upon comparison.

19. The medium of Claim 18, wherein the filtering means comprises
encryption means for encrypting the data when storing the same, and decrypting the
data when reading the same.

20. A medium for storing computer-readable programs, comprising
filtering means having stored identification information about a predetermined
execution program to execute data by the predetermined execution program only, and
for executing the data in response to a request for the data made by a data-requesting
execution program only when the identification information about the predetermined
execution program accords with the identification information about the
data-requesting execution program upon comparison.


21. The medium of Claim 20, wherein the filtering means comprises
encryption means for encrypting the data when storing the same, and decrypting the
data when reading the same.

22. The data security system of any one of Claims 1 to 7, wherein the
data are digital contents data.

23. A streaming data protection system for protecting streaming data
executed by a streaming method

control means for supplying information about streaming data requested for
execution and identification information about an execution program capable of
executing the streaming data;

access control means for storing the supplied identification information about
the execution program;

filtering means connected to the access control means for d
or not the identification information about a data-requesting execution program has
been stored in the access control means upon receipt of a request for execution of the
streaming data by the data-requesting execution program, and in the affirmative,
passing the request for execution a

streaming data supply means for requesting the streaming data based on the
supplied streaming data information upon receipt of the request for streaming data
passed through the filtering means, and supplying the streaming data to the execution
program that requested the streaming data upon receipt of the requested streaming data.

20 

24. The streaming data protection system of Claim 23, further 
comprising streaming data storage means for storing the requested^ 

supplying the stored streaming data to the streaming data supply means in response to 
the request from the streaming data supply means. 

25. The streaming data protection system of Claim 23, further
comprising dec^^ 

and supplying the same to the streaming data supply means.

26. The streaming data protection system of Claim 24, wherein the
streaming data supply means comprises:

first streaming data supply means for performing data communication with
the execution program by passing through the filtering means only; and

second streaming data supply means for performing data communication with
the first streaming data supply means not necessarily passing through the filtering
means upon receipt of the streaming data from the streaming data storage means.

27. The streaming data protection system of Claim 26, wherein the
second streaming data supply means may perform its function on an independent basis,
and the information about the streaming data requested for execution is supplied to the
second streaming data supply means by the control means.

28. The streaming data protection system of Claim 24, wherein the
streaming data storage means is remotely located from the streaming data supply
means but is linked thereto through network.

29. The streaming data protection system of Claim 26, wherein the
second streaming data supply means is remotely located from the first streaming data
supply means but is linked thereto through network.

30. The streaming data protection system of Claim 23, further
comprising buffering means between the execution program and the streaming data
supply means for supplying the streaming data to the execution program through the
buffering means upon receipt of the requested streaming data.

31. A method for protecting streaming data executed by a streaming
method, comprising the steps of:

supplying information about streaming data requested for execution and
identification information about an execution program capable of executing the
streaming data;

storing the supplied identification information about the execution program in
an access control means;

determining whether or not the identification information about a data-requesting
execution program has been stored in the access control means if the data-requesting
execution program requests execution of the streaming data, and in the
affirmative, transmitting to a streaming data supply means the request for execution as a
valid request;

requesting the streaming

of the request for streaming data based on the supplied information about the streaming 
data; and 

supplying the streaming data to the execution program that requested the 
streaming data upon receipt of the streaming data by the streaming data si^ 

32. The method of Claim 31, further comprising the step of storing the
streaming data for the purpose of supplying the streaming data to the streaming data 
supply means in response to the request therefrom. 

33. The method of Claim 31, further comprising the step of decrypting
the requested streaming data, if encrypted, and supplying the same to the streaming 
data supply means. 

34. The method of Claim 31, fa^

streaming data prior to supplying the requested streaming data to the execution 
program upon receipt of the same by the streaming data supply means. 

35. A computer program storage medium for protecting streaming data
executed by a streaming method, comprising:

control means for supplying information about streaming data requested for
execution and identification information about an execution program capable of
executing the streaming data;

access control means for storing the supplied identification information about
the execution program;

filtering means connected to the access control means for determining whether
or not the identification information about a data-requesting execution program has
been stored in the access control means upon receipt of a request for execution of the
streaming data by the data-requesting execution program, and in the affirmative,
passing the request for execution as a valid request; and

streaming data supply means for requesting the streaming data based on the 
supplied streaming data information upon receipt of the request for streaming data 
passed through the filtering means, and supplying the streaming data to the execution 
program that requested the

36. The computer program storage medium of Claim 35, further 
comprising buffering means located between the execution program and the streaming 
data supply means for buffering the streaming data prior to supplying the streaming 
data to the execution program by the streaming data supply means.